A new generation of computing devices and employees is driving a change in the way IT departments and organisations interface with their employees (and those devices). The need for a more flexible delivery model challenges traditional approaches to delivering corporate applications and securing data.
Ewen Anderson at Centralis explains how organisations can manage consumerisation in an efficient and secure manner, boosting productivity and employee satisfaction while delivering on longer-term strategic objectives.
Much has been made of the wave of consumerisation sweeping across the corporate landscape. New devices and applications are being adopted irrespective of whether they have support from the IT department or the blessing of senior management. Social media and rich content (i.e. audio and video) are also crossing into the business space, as the new ‘echo’ generation of employees expect to be able to create and consume information and content on-demand using the most appropriate (or inappropriate) device they choose.
Whether it be a smart phone (and iPhone in particular), tablet PC (namely an iPad) or laptop (or even a highly unfashionable netbook), employees are increasingly accessing both social media and business applications on the move, often connecting their devices to multiple screens when in the office to access desktop real estate for high-performance graphical or documentary work. This blurring of their working and private lives means that consumerisation now embraces much more than simply the concept of bring your own (BYO) laptop devices in the work place.
Firms recognise the benefits of boosting productivity and satisfaction by providing employees with the tools to work more flexibly, but also see the inherent conflict between the freedom of enabling them to work where they want versus the IT department’s desire to lock everything down and control it. For firms looking to benefit from rather, than stifle or control, consumerisation, there is now much greater complexity in managing devices, securing corporate data and enforcing acceptable usage policies.
IT was acceptable in the 80s
Consumerisation has been around for some time, but the rising level of employee’ expectation has thrust it to the top of the corporate agenda. Today, it is not unusual for there to be three generations working within an organisation: the ‘Baby Boomers’ (1946 to 1964); ‘Generation X’ (1965 to 1979); and the ‘Echo Generation’ (1980 to 1990) – with the latter being the primary driver of consumerisation. Typically, they have a smart phone, a laptop and potentially a tablet PC and are using social media applications such as Facebook, Twitter and Youtube at all times of day. When they enter the workplace, they expect this exact same level of ‘service’.
Similarly, there is a growing demand from C-level executives, marketing and training professionals for the ability to deliver rich media to staff wherever they are. However, applications such as video conferencing have been confined to just a few rooms equipped with cameras and screens. Given that many people use Skype regularly at home, the growing gap between the expectations of staff and the ability of IT teams to deliver is apparent.
The majority of workplaces continue to be predicated on the 1980s concept of computing – i.e. there is a desktop computer, a keyboard, a monitor and telephone – and the employee is expected to sit there and do their job. Employee access to certain types of websites is often restricted and social media is most likely blocked altogether. Furthermore, access to corporate applications and data has remained tethered to the PC. In a survey of more than 2,600 information workers and 550 IT administrators in nine countries earlier this year, IDC found that 76 percent of IT staff said they had no plans over the next 12 months to modify internal business applications for tablets and smartphones.
Striking a balance
Firms are responding to the march of consumerisation by implementing security and usage policies designed to allow employees more freedom in moving between devices. Yet significant tensions remain because the level of security demanded by IT teams can often lock-down devices (particularly laptops) to the extent they are rendered barely usable. If firms are overly restrictive, employees can react badly, refusing to work flexibly or by finding workarounds. A common scenario is where a user emails a file to a webmail account and saves the attachment back to their local drive if their corporate laptop has been locked to prevent them from saving files locally. In this scenario, potentially sensitive data is leaving the confines of corporate IT and becomes both a security risk and a potential breach in regulatory compliance.
By its very definition, an element of risk has to be introduced if users are to be given flexible access to information. Consumerisation therefore becomes a question of how organisations configure and manage the interface between the user and the device, as well as how much control it retains over the devices being used and the data being accessed. The solution lies in finding an appropriate way of managing the device to ensure that all data is encrypted, that the device has an anti-virus solution and that there is an acceptable usage policy applied that also makes provisions for a certain amount of personal usage.
The delivery model varies from one end of the spectrum to the other depending on type of organisation and job function. For example, utilities currently equip engineers with laptops that are completely locked down and ‘cloned’ to create a standardised, highly-rugged build that can be mass produced and distributed in an efficient and secure manner. Conversely, a full consumerisation model allows knowledge-based workers to consume and create information on the move from any end-point device.
Rise of the virtual machines
Desktop transformation using virtual computing in the broadest sense (as opposed to just VDI) provides firms with the flexibility to fit their IT delivery model to that of corporate strategy. As the name suggests, with virtual computing, a virtual machine can exist in complete isolation to the ‘client desktop’, allowing applications and data to be run locally on the device, centrally in the datacentre – or both. Each layer of ‘compute’ is separated – typically via a public, private or hybrid cloud – and then delivered to the device on demand. Once the user is authenticated, their virtual desktop interface comprising the mix of operating system, local and central applications and user personalisation is presented to the device. Application data is then delivered from the cloud on the fly.
Any of these layers (interface, applications, data) can be stored completely separate of the device and all layers can be kept completely independent of each other to ensure that the applications and the data can be delivered from different places and onto different devices without conflicting with each other. In this way, the device can be passed from person to person without their ‘fingerprint’ being left on the device. In addition, any layer can also be stored locally on the device, depending the type of data the user requires when they are offline (i.e. not connected to the internet). Here, the use of offline virtualisation computing environments will start to become more prevalent, whereby virtual machines run on a device with application data made available locally but then synchronised back to the corporate network when connected. Crucially, all data must be encrypted in this model.
The major advantage with virtual computing is that a firm can create a ‘standard’ build without having to worry about the hardware build of the device itself (i.e. network card, graphics card, etc.). This means that the firm can have a small number of builds linked to work types, rather than having a build for each work type and each laptop type, which is where all the complexity otherwise creeps in. Having a virtualised build allows firms to create a single image that can be deployed onto any laptop or other device. It is then possible to test against any application set, manage it centrally and, as soon as that virtualised build connects to the network, updates are applied automatically.
A question of strategy
Virtual computing takes the concept of consumerisation to the level where an organisation is able to provide a new employee with a device and user ID on their first day at the office, and deliver them a complete desktop environment once they have entered their authentication details and password. When the employee hands that device back, there is no trace of their identity or application data left on it. Similarly, if the employee brings their own device into work, they can access corporate systems from that device and have all of their applications presented on it, rather than physically being stored on it. If the device is subsequently lost or stolen, the firm is assured that their corporate information remains safe.
Before embarking on a desktop transformation however, it is crucial that firms understand what it is they want to achieve. They need to take a 3-5 year view of working patterns and how these might change – e.g. whether they are looking to support an increase in home or flexible working, or enable the use of rich media and hot-desking in the office.
It is crucial to link their application and desktop strategy to their operational and strategic plans to assess what is critical to the organisation from an application, device and a security perspective – i.e. what information has to be controlled and reported on from a compliance perspective and how this aligns with the operational needs of both end users and the business. Regarding the latter, the links between IT strategy and all aspects of business continuity, disaster recovery and the green agenda are all becoming more important.
Finally, all of the above must be aligned with communications strategy that promotes employee understanding and buy-in and ensures their expectations and needs are being met. The IT department will need to learn to market itself as the enabler of choice and change, rather being seen as a rather dull combination of plumber and traffic warden.
Using desktop virtualisation to get the underlying delivery technology right and providing it reliably may not make the IT department cool – but it will serve the changing needs of the organisation and its employees in the coming years...